[cabfpub] Must Staple OID

Phillip philliph at comodo.com
Tue Oct 2 15:33:19 MST 2012


I just submitted the draft that I wrote with Rob's input back in May.

We started off with just doing 'must staple'. Then when we looked at the problem in a little more detail we started to see a potential version downgrade attack on top. So this led to a slightly more general approach (but not very).

http://tools.ietf.org/html/draft-hallambaker-tlssecuritypolicy-01


On Sep 28, 2012, at 12:12 AM, Jeremy Rowley wrote:

> Hi everyone,
>  
> One of the items discussed during today’s revocation meeting was the use of a “must staple” OID.  Does anyone object to using 2.23.140.16.1?  2.23.140 is the ca-browser-forum, 16 is ocsp, and 1 will become “must-staple”.
>  
> Jeremy Rowley
>  
> _______________________________________________
> Public mailing list
> Public at cabforum.org
> https://cabforum.org/mailman/listinfo/public

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://cabforum.org/pipermail/public/attachments/20121002/f7cc0874/attachment.html 


More information about the Public mailing list